any opinions on Mandiant RC or ZA ForceField?

Discussion in 'other anti-malware software' started by jfd15, Oct 25, 2007.

Thread Status:
Not open for further replies.
  1. jfd15

    jfd15 Registered Member

    Joined:
    Oct 12, 2007
    Posts:
    234
    Location:
    Sacramento, CA
    hi,
    was wondering if anyone was using Mandiant Red Curtain or the ZA ForceField
    beta?


    Mandiant app. only scans .exe type files....i wanted it to scan my Limewire downloads, but it wouldnt...
     
  2. The Mole

    The Mole Registered Member

    Joined:
    Oct 26, 2007
    Posts:
    4
    Location:
    Bregenz, Austria
    I am using the ZA ForceField beta and imo it's excellent. Sure it has some minor problems, like FP's on some sites, which will be hopefully fixed.
     
  3. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Red Curtain isn't your regular malware scanner. It's a research tool and it only rates executables based on a fixed criteria.
     
  4. jfd15

    jfd15 Registered Member

    Joined:
    Oct 12, 2007
    Posts:
    234
    Location:
    Sacramento, CA
    thanks for the replies...

    on Mandiant RC, i thought viruses, malware etc could exist in a non-executable
    file? this is not the case? i thought the regular AVG, ST, SAS types scanned
    all files on the HDD by default...
     
  5. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Yes, there are macro (Word/Excel/Powerpoint) viruses and script (scripting languages) viruses.
     
  6. jfd15

    jfd15 Registered Member

    Joined:
    Oct 12, 2007
    Posts:
    234
    Location:
    Sacramento, CA

    thats not as bad as i thought then...i figured malware could hide in just about any file, i was scanning everything...

    does the actual file extension matter, like if its an .mp3 or .wma, could it still harbor a virus/malware that would be released
    on opening the file?
     
  7. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    You can hide anything in everything (steganography). But, an .exe hidden in a .mp3 file won't do any harm. On the other hand, data filetypes might have vulnerabilities (buffer overflows for instance) which can be used to execute shellcode
     
Loading...
Similar Threads
  1. koliko
    Replies:
    19
    Views:
    1,068
Thread Status:
Not open for further replies.